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Claims 



1 claim: 

1. ^^^A method for secure electronic transaction authentication, comprising the steps of: 




s er 



i ™ 



obtaining transaction Information from a vendor; 

obtaining user inforrnfation, including a secret key from a user; 

electronically performing a message authentication code ("MAC") function 
on at least some of tpe transaction information and some of the user 
information; and 

MAC function as private transaction information. 



using a result of the 



tie 



The method of claim 1, wherein 
obtaining at least one of a name o 
transaction, and a time of transaction 



using the result as at least a part o 



step of obtaining transaction information comprises 
the vendor, a URL, a transaction amount, a date of 



The method of claim 1, further co|nprising the step of adding a counter value to the 
transaction information. 

The method of claim 1, wherein the step of using the result of the MAC function comprises 



a credit card number. 



The method of claim 1 , wherein t 
transaction information comprise! 



on at least some o 
information using 



e step of using the result of the MAC function as private 
using the result as at least a part of a user's name. 



A method for verifying secure information for a user, where the user has a secret key, 
comprising the steps of: 

a. receiving the secu 'e information; 

b. receiving transaction information; 

c. receiving user-infc rmation; 

d. electronically perf )rming a message authentication code ("MAC") function 

the transaction information and at least some of the user 
he secret key; 



e. comparing a result pf the 



MAC function with the 
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received secure information; and 

f. verifying the received secure information if the result of the MAC function is 
identical to the received secure information. 

The method of claim 6, wherein the step of receiving the secure information comprises 
receiving from a vendor private transaction information at least partially containing the 
result of the MAC function. 



The method of claim 7, wherein 
information further comprises rejceivmg 
of the MAC function. 



The method of claim 7, wherein 



he step of receiving from a vendor private transaction 

a user's name at least partially containing the results 



the step of receiving from a vendor private transaction 
information further comprises receiving a credit card number at least partially containing the 
results of the MAC function. 



The method of claim 6, wherein 
receiving at least one of a name 
transaction, a time of transactior 



a. 
b. 

c. 



the step of receiving transaction information comprises 
of the vendor, a URL, a transaction amount, a date of 
a name of an item purchased, or an invoice number. 



A method for conducting a secu'e electronic transaction, comprising the steps of: 



d. 
e. 
f. 

g- 
h. 



obtaining transaction information from a vendor; 

obtaining user information, including a secret key; 

processing secure information by electronically performing a first MAC 
function on at le ast some of the transaction information and some of the user 
information usirg the secret key; 

using the secure information in private transaction information; 

a verifier receiving the secure information; 

the verifier receiving the transaction information; 

the verifier receiving the user information; 

electronically performing a second MAC function on at least some of the 
transaction information and at least some of the user information using the 
secret key; 
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12. 



13. 



14. 



15. 



16. 



17. 



i. comparing a result of the second MAC function with the received secure 
information; and 

j. verifying the received secure information if the result of the second MAC 

i 

function are identical to the received secure information. 

The method of claim 1 1, wherein the step of obtaining transaction information comprises 
obtaining at least one of a name of thd vendor, a URL, a transaction amount, a date of 
transaction, a time of transaction, a name of an item purchased, or an invoice number. 



The method of claim 1 1, wherein thq 
the result as at least a part of a credit 

The method of claim 1 1, wherein th(; 
the result as at least a part of a user's 

The method of claim 1 1 , wherein thi 
receiving from a vendor a credit care 
first MAC function. 



step of using the secure information comprises using 
card number. 

step of using the secure information comprises using 
name. 

step of receiving the secure information comprises 
number at least partially containing the results of the 



The method of claim 1 1, wherein the 
receiving from the vendor a user's n^me 
MAC function. 



step of receiving the secure information comprises 
at least partially containing the result of the first 



The method of claim 11, comprising 
transaction information. 



18. An apparatus for providing secure el<;ctronic transaction authentication comprising: 



an input configured to 
information from a user. 



a processor configurec 
information and to ele 
the transaction 
key; and 

an output configured to 



le step of further adding a counter value to the 



obtain transaction information from a vendor, and user 
, including a user's secret key; 

to receive the transaction information and the user 
tronically perform a MAC function on at least some of 
information and some of the user information using the secret 



output a result of the MAC function for use as private 
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transaction information. 



19. The apparatus of claim 18, wherein the transaction information comprises at least one of a 
name of the vendor, a URL, a transactiorl amount, a date of transaction, and a time of 
transaction. 



20. 



21. 



22. 



23. 



24. 



25. 



The apparatus of claim 18, wherein the processor is further configured to add a counter 
value to the transaction information. 

The apparatus of claim 18, wherein the private transaction information comprises at least 
part of a credit card number. 

The apparatus of claim 18, wherein the pijivate transaction information comprises at least 
part of a user's name. 

An apparatus for verifying secure informs lion for a user, where the user has a secret key, 
comprising: 

a. an input configured to receive the secure information, transaction 
information, and user infoimation; 

b. a processor configured to obtain the transaction information and the user 
information and to electronically perform a MAC function on at least some of 
the transaction information and at least some of the user information using 
the secret key; 

c. the processor further configured to obtain the secure information and a result 
of the MAC function, and to compare the result of the MAC function with 
the received secure information; and 

d. an output configured to output a verification of the secure information if the 
result of the MAC function are identical to the received secure information. 



The apparatus of claim 23, wherein the pijivate 
number at least partially containing the secure 



transaction information is a credit card 
information. 



The apparatus of claim 23, wherein the p 
least partially containing the secure inforM 

26. The appai'atus of claim 23, wherein the 



ivate transaction information is a user's name at 
ation. 
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comprises receiving at least one of a name of the vendor, a URL, a transaction amount, a 
date of transaction, a time of transaction, a name of an item purchased, and an invoice 
number. 



27. An apparatus for conducting a secure electropic transaction, comprised of: 

a. an input for receiving transadtion information from a vendor, and for 
obtaining user information fifom the user, including a secret key; 

c. a first processor configured lo receive the transaction information and the 
user information and to process secure information by performing a first 
MAC function on at least some of the transaction information and some of 
the user information using/the secret key; 

d. an output configured to oijtput the secure information for use in the secure 
electronic transaction; 

e. a verifier input for receivifng the secure information, the transaction 
information, and the user/information; 

f. a second processor configured to receive the transaction information and the 
user information, and to perform a second MAC function on at least some of 
the transaction information and at least some of the user information, and to 
compare a result of the ?econd MAC function with the received secure 
information; and 

g. an output configured td output a verification of the secure information if the 
result of the second MAC function are identical to the received secure 
information. 



29. The apparatus of claim 27, wherein tl 



transaction information is at least one of a name of 



the vendor, a URL, a transaction amount, a date of transaction, a time of transaction, a name 
of an item purchased, and an invoice number. 

30. The apparatus of claim 27, wherein tjie secure information is used as at least a part of a 
credit card number. 

3 1 . The apparatus of claim 27, wherein tjie secure information is used as at least a part of a 
user's name. 
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The apparatus of claim 21, wherein the^cure information is a credit card number at least 
partially containing the result of the nirst MAC function. 

The apparatus of claim 27, wherein tine secure information is a user's name at least partially 
containing the result of the first MtvC function. 

The apparatus of claim 27, wherein the processor for performing the first MAC function 
adds a counter value to the transaction information. 
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